Skip to content

Commit 7681097

Browse files
crasscrass
committed
scripts/forensic-mark-readonly: Add support for devices with multiple parents
Some block devices can have multiple parents, such as LVM raid volumes. Signed-off-by: Glenn Washburn <[email protected]>
1 parent f9c9b59 commit 7681097

File tree

1 file changed

+39
-15
lines changed

1 file changed

+39
-15
lines changed

config/files/GRMLBASE/etc/udev/scripts/forensic-mark-readonly

Lines changed: 39 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -27,7 +27,12 @@ dir() {
2727
}
2828

2929
is_ro() {
30-
[ "$(blockdev --getro "$1")" = "1" ] && return 0 || return 1
30+
# ASSUMPTION: Device paths can not contain spaces
31+
while [ "$#" -gt 0 ]; do
32+
[ "$(blockdev --getro "$1")" = "1" ] && return 0
33+
shift
34+
done
35+
return 1
3136
}
3237

3338
if [ -z "${1:-}" ] ; then
@@ -47,18 +52,35 @@ esac
4752

4853
SYS_DIR="$(get_blockdev_dir)"
4954

55+
patternsfile=
56+
cleanup() {
57+
if [ -f "$patternsfile" ] ; then
58+
rm "$patternsfile"
59+
fi
60+
}
61+
trap cleanup EXIT
62+
trap cleanup ERR 2>/dev/null ||:
63+
5064
base_device=$(base "${BLOCK_DEVICE}")
5165
if [ -n "${SYS_DIR}" ] && [ -n "${base_device}" ] ; then
52-
tmp_parent="$(readlink -f "${SYS_DIR}"/*/"${base_device}")"
53-
if [ -z "${tmp_parent}" ]; then
54-
tmp_parent=$(dir "${SYS_DIR}"/*/holders/"${base_device}")
66+
tmp_parents="$(readlink -f "${SYS_DIR}"/*/"${base_device}")"
67+
if [ -z "${tmp_parents}" ]; then
68+
tmp_parents=
69+
for DEV in "${SYS_DIR}"/*/holders/"${base_device}"; do
70+
[ -d "$DEV" ] && tmp_parents="${tmp_parents:+${tmp_parents} }$(dir "$DEV")"
71+
done
5572
fi
56-
if [ -d "${tmp_parent}" ] ; then
57-
parent_device=$(dir "${tmp_parent}")
58-
parent_device=$(base "${parent_device}")
59-
parent_device="/dev/${parent_device}"
60-
fi
61-
unset tmp_parent
73+
# ASSUMPTION: There should be no spaces in device names.
74+
parent_devices=
75+
for tmp_parent in ${tmp_parents}; do
76+
if [ -d "${tmp_parent}" ] ; then
77+
tmp_parent=$(dir "${tmp_parent}")
78+
tmp_parent=$(base "${tmp_parent}")
79+
tmp_parent="/dev/${tmp_parent}"
80+
parent_devices="${parent_devices:+${parent_devices} }${tmp_parent}"
81+
fi
82+
done
83+
unset tmp_parent tmp_parents
6284
fi
6385

6486
# support configuration file
@@ -75,9 +97,11 @@ if [ -r /etc/grml/forensic.conf ] ; then
7597
fi
7698

7799
if [ -n "${READONLY_IGNORE:-}" ] ; then
78-
if [ -n "${parent_device}" ] ; then
79-
if echo "${READONLY_IGNORE:-}" | grep -qw "${parent_device}" ; then
80-
logger -t forensic-mark-readonly "not setting '${BLOCK_DEVICE}' (parent device: '${parent_device}') to read-only as its parent is present in ignore list"
100+
if [ -n "${parent_devices}" ] ; then
101+
patternsfile=$(mktemp /dev/shm/forensic-mark-readonly.patterns.XXXXXX)
102+
echo "${parent_devices}" | sed "s| |\n|" > "${patternsfile}"
103+
if echo "${READONLY_IGNORE:-}" | grep -qw -F "$patternsfile" ; then
104+
logger -t forensic-mark-readonly "not setting '${BLOCK_DEVICE}' (parent devices: '${parent_devices}') to read-only as its parent is present in ignore list"
81105
exit 0
82106
fi
83107
fi
@@ -90,8 +114,8 @@ fi
90114

91115
if is_ro "${BLOCK_DEVICE}" ; then
92116
logger -t forensic-mark-readonly "device ${BLOCK_DEVICE} already set to read-only mode, nothing to do"
93-
elif [ -n "${parent_device}" ] && ! is_ro "${parent_device}" ; then
94-
logger -t forensic-mark-readonly "parent device ${parent_device} is set read-write, not modifying"
117+
elif [ -n "${parent_devices}" ] && ! is_ro "${parent_devices}" ; then
118+
logger -t forensic-mark-readonly "all parent devices (${parent_devices}) are set read-write, not modifying"
95119
logger -t forensic-mark-readonly "use blockdev --setro ${BLOCK_DEVICE} to set it manually"
96120
else
97121
logger -t forensic-mark-readonly "setting ${BLOCK_DEVICE} [${ID_SERIAL}] to read-only"

0 commit comments

Comments
 (0)